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Top Stories 

• HSBC agreed to pay a record $1 .92 billion fine to settle a multi-year probe by U.S. 
prosecutors after being accused of failing to enforce rules designed to prevent the 
laundering of criminal cash, Reuters reported December 11.- Reuters (See item 6) 

• The Associated Press reported December 1 1 that New Jersey Transit trains sustained about 
$100 million in damage from flooding during Hurricane Sandy after rail cars were stored in 
yards that models showed an 80 to 90 percent chance of not flooding, even with a massive 
storm bearing down on the region. - Associated Press (See item H) 

• A New York medical doctor pleaded guilty to an $1 1.7 million Medicare fraud scheme, 
admitting he exchanged spa services to Medicare beneficiaries that allowed their numbers 
to be billed for services never provided or not needed. - Insurance and Financial Advisor 
(See item 

• The Seattle Post-Intelligencer reported that prosecutors added 33 charges against the 
central figures in a financial scandal in Seattle Public Schools after auditors said in a new 
report they discovered an additional $1.3 million that may have been spent incorrectly. - 
Seattle Post-Intelligencer (See item 2£) 
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Energy Sector 



1 . December 1 1, Associated Press - (New Jersey) Jet fuel mistakenly pumped into cars 
in NJ. Officials said aviation fuel was pumped into cars after it was delivered to three 
Mercer County, New Jersey gas stations by mistake, the Associated Press reported 
December 11. Authorities closed a Lukoil station in Lawrence, an Express Fuel in 
Hamilton, and a Lukoil in Hamilton. A Mercer County spokeswoman said the stations 
would remain closed until all underground storage tanks, lines, and filters are emptied 
and cleaned. State officials were investigating how the mistake happened. Also, several 
cars stalled December 7 when a gas station in Keyport and one in Manasquan 
unknowingly pumped jet fuel into their tanks. 

Source: http://www.thedailviournal.com/viewart/2Q12121 l/NEWSOl/3 121 10049/Jet- 
fuel-mistakenly-pumped-into-cars-NJ 



2. December 10, U.S. Department of Labor - (Texas) U.S. Labor Department’s OSHA 
cites Honeywell Electronic Chemicals for multiple process safety management 
violations in Mansfield, Texas. The U.S. Department of Labor’s Occupational Safety 
and Health Administration December 10 (OSHA) cited Honeywell Electronic 
Chemicals LLC with 10 serious safety and health violations at the company’s facility in 
Mansfield, Texas. Proposed penalties totaled $53,000. OSHA personnel opened an 
investigation at the company’s facility as a part of the agency’s national emphasis 
program on process safety management (PSM) for covered chemical facilities. 
Employees were found to be exposed to catastrophic releases of highly hazardous 
chemicals while conducting operations at the plant. Six serious violations all related to 
PSM, and included failing to ensure process equipment complies with recognized and 
generally accepted good engineering practices; ensure standard operating procedures 
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Chemical Industry Sector 
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were annually certified; conduct an incident investigation within 48 hours and ensure 
piping and instrumentation diagrams were up-to-date. Four additional serious violations 
involved failing to ensure emergency exits were properly marked, eonfined spaces were 
identified by signage, the location of fire extinguishers were properly labeled, and that 
hazardous eontainers were properly labeled. 

Source: 

http://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEAS 
ES&p id=23379 
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Nuclear Reactors, Materials, and Waste Sector 

3. December 11, Global Security Newswire; Knoxville News Sentinel - (Nevada; 
Tennessee) Transfer of bomb-sensitive uranium could start within months. The 
U.S. Department of Energy (DOE) hopes within months to start transferring a cache of 
aging, weapon-usable atomic material from the Oak Ridge National Laboratory in 
Tennessee to the Nevada National Security Site, the Knoxville News Sentinel reported 
December 7. More than a ton of material covered by the Consolidated Edison Uranium 
Solidification Project encompasses high-temperature uranium 232 as well as fission- 
capable uranium 233 and uranium 235. Transportation of the substance by hired firms 
could start around the beginning of 2013. The uranium is slated for placement more 
than 40 feet below the Earth’s surface, under a separate quantity of disused radiological 
material, a DOE official said. 

Source: http://www.nti.org/gsn/article/transfer-bomb-sensitive-uranium-could-start- 
within-months/ 
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Critical Manufacturing Sector 

4. December 11, U.S. Consumer Product Safety Commission - (National) Fu San 
Machinery recalls low lead ball valves installed in flammable gas lines due to fire 
and explosion hazards. The U.S. Consumer Product Safety Commission, in 
cooperation with Fu San Machinery Co., December 1 1 announced a voluntary recall of 
about 163,000 Low Lead Ball Valve/Shut-Off Gas Valves. The valves can crack and 
cause gas to leak. This poses fire and explosion hazards. The recall involves seven 
brands of sweat and threaded, low lead ball valves used in flammable gas piping 
systems used in commercial or residential settings. The valves were sold by Fu San 
Machinery directly to seven distributors nationwide from April 2011 through January 
2012. Consumers should turn off the gas supply until a replacement gas valve has been 
professionally installed. 

Source: http : //w ww . cpsc . go v/cp sepub/prerel/prhtml 13/13064 .html 

5. December 10, U.S. Department of Labor - (Texas) U.S. Department of Labor’s 
OSHA cites Amerimex Motors & Controls in Houston for exposing workers to 
hazardous chemicals, other safety hazards. The U.S. Department of Labor’s 



Occupational Safety and Health Administration (OSH A) December 10 cited Amerimex 
Motors & Controls Inc. with 28 violations following a June complaint inspection for 
exposing workers to hazardous chemicals and other safety hazards, including electrical 
and unguarded machines at its North Milby facility in Houston. Proposed penalties 
totaled $82,900. OSHA cited 13 serious violations for failing to implement energy 
control procedures; guard operating machinery, such as punches, lathes, and brakes; 
ensure compressed gases are safely stored; properly mark electrical disconnects; 
provide an emergency eyewash and shower; train and certify forklift operators; and 
ensure protective equipment, such as gloves, are used when working with hazardous 
chemicals. Fifteen other-than-serious violations were also cited. 

Source: 

http://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEAS 
ES&p id=23385 
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Defense Industrial Base Sector 



Nothing to report 
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Banking and Finance Sector 

6. December 11, Reuters - (International) HSBC to pay $1.9 billion U.S. fine in money- 
laundering case. HSBC has agreed to pay a record $1 .92 billion fine to settle a multi- 
year probe by U.S. prosecutors, who accused Europe’s biggest bank of failing to 
enforce rules designed to prevent the laundering of criminal cash, Reuters reported 
December 11. The U.S. Department of Justice (DOJ) charged the bank with failing to 
maintain an effective program against money laundering and conduct due diligence on 
certain accounts. It also charged the bank with violating sanctions laws by doing 
business with customers in Iran, Libya, Sudan, Burma, and Cuba. In an agreement with 
the DOJ, the bank will take steps to fix the problems, pay a fine of $1,256 billion, and 
retain a compliance monitor to resolve the charges through a deferred-prosecution 
agreement. Including penalties imposed by other agencies, the bank’s fines totaled 
$1.92 billion. HSBC also faces civil penalties, to be announced later December 1 1 . The 
settlement offers new information about failures at HSBC to police transactions linked 
to Mexico, details of which were reported this summer in a U.S. Senate probe. Between 
2006 and 2010, HSBC ignored money -laundering risks associated with certain Mexican 
customers and allowed at least $881 million in drug trafficking proceeds, including 
proceeds from the Sinaloa Cartel in Mexico and the Norte del Valle Cartel in 
Colombia, to be laundered through the bank, according to the agreement. HSBC said it 
expected to also reach a settlement with British watchdog the Financial Services 
Authority. 

Source: http://www.reuters.com/article/2Q 1 2/1 2/1 1/us-hsbc-probe- 
idUSBRE8BA05M2012121 1 
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7. December 11, BankInfoSecurity - (International) 5 banks targeted for new DDoS 
attacks. A hacktivist group responsible for previous distributed denial of serviee 
(DDoS) attaeks against banks announced the “second phase” of its campaign, saying 
five major U.S. banks will be the victims of new DDoS attacks starting the week of 
December 10, BankInfoSecurity reported December 11. U.S. Bancorp, JPMorgan 
Chase, Bank of America, PNC Financial Services Group, and SunTrust Banks are the 
latest targets, according to the group, which announced its plans in a December 10 
Pastepin posting. Each of these five banks suffered DDoS attacks during phase one of 
the hacktivist group’s campaign, which ran roughly from mid-September to mid- 
October. During that period, the group claimed responsibility for attacks on 10 major 
banks. Each institution was warned ahead of time, but none was able to completely 
fend off the attacks, which caused online banking outages of varying lengths. 

Source: http://www.bankinfosecuritv.com/5-banks-targeted-for-new-ddos-attacks-a- 
5346 



8. December 10, Softpedia - (International) Fraudsters are setting up bogus hotel 
websites, experts find. Experts from security firm Bitdefender inform that fraudulent 
hotel Web sites can help criminals in accomplishing various malicious tasks, including 
identity theft and money laundering, Softpedia reported December 10. In other cases, 
they might simply ask individuals who want to book a room to pay a certain amount of 
money upfront. The fake Web sites usually leverage the names and reputations of 
famous brands. Unlike phishing sites, these fraud Web sites are not promoted via email 
or social media spam. Instead, they are kept secret to ensure that the domain will not be 
seized by authorities. 

Source: http://news.softpedia.com/news/Eraudster-Are-Setting-Up-Bogus-Hotel- 
Websites-Experts-Eind-3 13528 .shtml 

9. December 10, U.S. Department of Justice - (National) Former Dallas broker pleads 
guilty to defrauding investors through stock manipulation scheme. A former Dallas 
securities broker pleaded guilty December 10 for his role in a scheme to defraud 
thousands of investors through the manipulation of publicly traded stocks that created 
$44 million in illegal proceeds. The broker pleaded guilty in federal court in the 
Northern District of Oklahoma to one count of money laundering for laundering 
$250,000 in proceeds from the fraud. The broker was originally charged along with 
four other defendants in a 24-count indictment unsealed February 10, 2009. Prior to 
trial, he fled to Costa Rica, where he remained until he was extradited to the United 
States in May 2012. According to court documents and evidence presented at the 2010 
trial, the defendants manipulated the stocks of three companies in a “pump and dump” 
scheme in which they manipulated the publicly traded penny stocks. The defendants 
and their nominees obtained significant profits by selling large amounts of shares after 
they had artificially inflated the stock price. For each of the three manipulated stocks, 
the co-conspirators’ sell-off caused declines of the stock price and left legitimate 
investors holding stock of significantly reduced value. 

Source: http://www.loansafe.org/former-dallas-broker-pleads-guilty-to-defrauding- 
investors-through-stock-manipulation-scheme 



Transportation Sector 



10. December 11, KWGN 2 Denver - (Colorado) Light Rail train strikes pedestrian, 
causes delays. The Regional Transportation District (RTD) of Colorado said one of its 
Light Rail trains struck a pedestrian December 1 1 . After a lengthy investigation that 
delayed train operations for over 2 hours police found the victim of the accident. An 
RTD spokesperson said a train operator going over the Santa Fe flyover near West 
Bayaud Avenue first reported that something may have been struck by a train. Dispatch 
confirmed that the victim was found at a maintenance facility. According to dispatch, 
the individual is alive and was transported to a nearby hospital. Officers populated the 
scene of the accident at the West Bayaud Avenue Light Rail crossing, with the 
investigation delay the operation of the C, D, E, F, and H Light Rail lines until normal 
operations resumed. 

Source: http://kwgn.eom/2012/12/l 1/rtd-light-rail-train-mav-have-struck-pedestrian- 
delays-possible/ 

11. December 11, Associated Press - (New Jersey) NJ Transit chief: Train storage in 
storm ‘sound’. New Jersey Transit’s executive director December 1 1 defended his 
decision to store rail cars in Hoboken and Kearney to protect them during superstorm 
Sandy in October. He told the State Assembly’s Transportation Committee that rail 
yards in the two cities had never flooded before and that models showed an 80 to 90 
percent chance the yards would not flood even with a massive storm bearing down on 
the region. It turned out the models were wrong, and NJ Transit trains sustained about 
$100 million in damage from flooding in the two storage yards. He said his agency is 
looking into places where rail cars and other equipment could be kept dry in case of 
future storms. The storm in New Jersey hit commuter trains particularly hard, shutting 
down key stations on the Port Authority Transportation Hub line between New York 
and New Jersey and flooding cars. As a consequence, rail lines across the State were 
still experiencing delays. A former official at the Long Island Railroad and Conrail said 
the rail car destruction in New Jersey — including damage to nearly one-fourth of its 
cars and locomotives — was largely preventable. 

Source: http://www.seattlepi.com/news/article/NJ-Transit-chief-train-storage-decision- 
sound-4 104197 .php 

12. December 10, KOCO 5 Oklahoma City - (Oklahoma) Bomb squad finds 2 pipe 
bombs at OKC trucking company. Police found and disabled two pipe bombs at an 
Oklahoma City trucking company December 10. The Oklahoma City Police 
Department bomb squad said the two bombs found at the Majerus Trucking Co. were 
“viable and working.” Officers said the bombs were found under a truck at the facility. 
Police shut down Southwest 29th Street near the company as the bomb squad 
investigated the devices. Crews said they searched other trucks and vehicles at the site 
and found nothing. Investigators said they were collecting evidence and questioning 
employees. 

Source: http://www.koco.com/news/oklahomanews/okc/Bomb-squad-finds-2-pipe- 
bombs-at-OKC -trucking-company/ -/1 1777584/177252 18/-/xk9oqf/-/index.html 
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Postal and Shipping Sector 



13. December 11, KION 46 Salinas - (California) FedEx scam hits Salinas during busy 
season. KION 46 Salinas reported December 1 1 that Fedex verified that a phone scam 
is underway in Salinas, California. The scam begins with a phone call and a person 
claiming to represent FedEx claiming to be in possession of a package mailed to their 
target. The scammer tells the victim if they do not pay [for the package] “that they’re 
going to notify the police and that the police can actually detain the person not paying 
for 48 hours,” a local police officer said. The scammer then gives the victim an account 
number to a local bank to pay the fee. FedEx said it does not make any random phone 
calls to track packages. The typical target is people who primarily speak Spanish. Local 
police said the scammer will start speaking in English and switch to Spanish if need be. 
Source: http://www.kionrightnow.eom/storv/20310897/fedex-scam-hits-salinas-on- 
record-br caking 

14. December 10, WTVR 6 Richmond - (Virginia) Petersburg UPS driver shot on 
delivery route. A UPS delivery driver was shot December 10 in Petersburg, Virginia, 
and was taken to the hospital. Police sources told WTVR 6 Richmond that the UPS 
driver was shot in the leg in what may have been a robbery attempt, although 
Petersburg Police said the motive had not been determined. The driver was stopped at 
an apartment complex when he was confronted. 

Source: http://wtvr.eom/2012/12/10/petersburg-ups-driver-shot-on-deliverv-route/ 

[ Return to top] 

Agriculture and Food Sector 

15. December 10, Meat & Poultry - (International) Japan halts beef imports from Brazil 
on BSE fears. Japan has stopped importing beef from Brazil after the World Animal 
Health Organization (OIE) discovered a protein believed to cause bovine spongiform 
encephalopathy (BSE) in a cow. Meat & Poultry reported December 10. OIE conducted 
tests on tissue from the Brazilian cow and confirmed the presence of prions, the protein 
linked to BSE. The OIE report stated that the animal was a beef breeding cow almost 

1 3 years old when it died, according to information obtained during the 
epidemiological investigations. “The epidemiological investigation shows that the 
animal’s death was not caused by BSE and suggests that it may be an atypical case of 
the disease occurring in the oldest animals,” OIE said in its findings. “Information 
collected during the epidemiological investigation shows also that the animal was 
reared in an extensive system on grazing.” OIE added that Brazil is still recognized as 
having a negligible BSE risk. 

Source: http://www.meatpoultry.com/News/News Home/Global/20 12/ 12/Japan halts 
beef imports from Brazil on BSE fears.aspx 

16. December 10, Food Safety News - (Pennsylvania) Raw milk linked to illnesses in 
Pennsylvania. Raw milk produced by the Kimberton Earms Dairy and distributed by 
the four-store Kimberton Whole Eoods is making people sick with “severe gastro 
enteric symptoms,” Pennsylvania’s Chester County Health Department announced 
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December 10. The department said Kimberton Whole Foods has removed the raw milk 
products from its shelves in Kimberton and Downingtown, Pennsylvania. The milk was 
packaged under the Camp Hill Village and Kimberton Hills brands. The Pennsylvania 
Departments of Agriculture and Health joined the investigation into the as-yet- 
unnamed pathogen making people sick. Chester County health officials are also getting 
help from adjoining counties. Anyone experiencing diarrhea, vomiting, bloody stool, 
and /or abdominal pain within two weeks of drinking raw milk is urged to contact a 
physician. 

Source: http://www.foodsafetvnews.com/2012/12/raw-milk-is-making-people-sick-in- 
pennsvlvania-stores-pull-it-from-shelves/#.UMesEK7kGok 

17. December 10, Food Poison Journal - (National) Apple slices recalled over 

Listeria. Freshway Foods announced December 8 they are recalling sliced apple packs 
over listeria fears. The voluntary recall covers product that is already out-of-date. No 
illnesses linked to the recalled product had been reported as of December 10, said a 
company spokeswoman. About 6,670 pounds of sliced apples packaged November 12 
using a packaging machine that may have been contaminated with listeria were 
recalled. The recall follows a finding of listeria in a retail sliced green apple product by 
the North Carolina Department of Agriculture & Consumer Services. The recall covers 
2.4- and 14-ounce sliced red apple packs and 14-ounce sliced green apple packs with 
use-by dates of November 30, December 3 and December 6. The product was shipped 
to Alabama, Florida, Georgia, Kentucky, New York, North Carolina, and Tennessee. 
Source: http://www.foodpoisonjournal.com/food-recalFapple-slices-recalled-over- 
listeria/ 
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Water Sector 



18. December 11, Portsmouth Seacoast Online - (New Hampshire) Newmarket agrees to 
EPA nitrogen permit. The town of Newmarket, New Hampshire, agreed to accept a 
nitrogen discharge permit issued by the federal Environmental Protection Agency 
(EPA) and enter into an administrative order of consent that will lead to the building of 
a new $14.1 million wastewater treatment plant for the town. The town administrator 
said December 10 that town officials agreed to the permit and to enter into the 
agreement in order to avoid a long legal battle while trying to give town ratepayers “a 
degree of rate certainty.” Asked about the potential legal costs of fighting the order by 
the EPA to reduce the nitrogen discharge permit first to 8 milligrams per liter (mg/1) 
and then to 3, he said, “I think that was a big part of it, we know we need a new plant, 
our plant is antiquated, it was built in the late ‘60s or early 1970s, plus this way it will 
give some certainty to the ratepayers.” The EPA maintains that nitrogen from 
wastewater treatment plants contributed to water quality violations in the Great Bay 
estuary and reducing eelgrass and oyster populations. As a result, the EPA issued 
permits requiring communities with wastewater treatment plants to update the facilities 
to release only 3 mg/1. 

Source: http: //www. seacoastonline. com/articles/20 121211 -NEW S -2 1211 0335 
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19. December 10, Modesto Bee - (California) Stanislaus County weighs $3.5M deal to 
clean landfill. Stanislaus County supervisors are poised to spend an additional $3.54 
million on environmental eleanup at the former Geer Road landfill in California, the 
Modesto Bee reported December 10. The county staff members asked the board to 
approve a 3-year, $3,079,446 contract for Tetra Tech, BAS, Inc. to oversee systems that 
address groundwater pollution linked to the former landfill southeast of Modesto. One 
system extracts and burns gases that are emitted by the buried garbage. In addition, 
wells at the 168-acre site remove groundwater and run it through filters to remove 
cancer-causing toxins. To comply with an April 2011 State order for more aggressive 
treatment, the county could add about $500,000 in contract amendments with Tetra 
Tech, a worldwide consulting firm. The Geer landfill was not designed to present-day 
standards when in 1970 it was located near the Tuolumne River, a mile northeast of 
Hughson. Monitoring shows the contaminated groundwater spread underneath the 
river, though the toxins were not detected in the Tuolumne, officials said. Over the 
years, the county has spent $7.4 million on corrective actions. 

Source: http://www.modbee.com/2012/12/10/2490559/county-weighs-35m-deal-to- 
clean.html 



20. December 10, Palladium-Item - (Indiana) Sewer overflow alert issued for 

Richmond. The Richmond Sanitary District issued a combined sewer overflow alert 
for Richmond, Indiana, the Palladium-Item reported December 10. Rain December 9 
caused an overflow of sewage into the East Fork of the Whitewater River where South 
G and H streets meet the Whitewater Gorge in Richmond and at the Wastewater 
Treatment Plant on Liberty Avenue. Residents should avoid all contact with river water 
downstream of this location for at least 72 hours. Swallowing or hand-to-mouth contact 
with sewage-contaminated river water can make residents sick. A combined sewer 
transports stormwater, industrial wastewater and sewage in the same pipe. When heavy 
rainfall occurs, combined sewers may overflow directly into the East Fork of the 
Whitewater River. 

Source: http: //www. pal -item. com/article/20 12121 0/NEWSO 1/3121 000 1 3/Sewer- 
overflow-alert-issued-Richmond?odvssev=navlhead&nclick check= 1 
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Public Health and Healthcare Sector 



21. December 11, Insurance and Financial Advisor - (New York) N.Y. doctor pleads 
guilty to $11.7M Medicare fraud scheme. A Flushing, New York medical doctor 
pleaded guilty to his role in an $1 1.7 million Medicare fraud scheme. Insurance and 
Financial Advisor reported December 1 1 . Prosecutors said while president of URI 
Medical Service PC and Sarang Medical PC, the doctor purportedly provided physical 
therapy and electric stimulation treatment, and he admitted he exchanged spa services 
to Medicare beneficiaries that allowed their numbers to be billed for services never 
provided, or not needed. 

Source: http://ifawebnews.eom/2012/12/l l/n-y-doctor-pleads-guilty-to-l l-7m- 
medicare-fraud-scheme/ 
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22. December 10, Becker’s Hospital Review - (North Carolina) Carolinas Healthcare 
System discloses data breach to 5,600 patients. Charlotte, North Carolina-based 
Carolinas Healthcare System notified 5,600 patients of Carolinas Medical Center- 
Randolph in Charlotte of a potential data breach from an unauthorized electronic 
intruder, Becker’s Hospital Review reported December 10. The security breach was 
discovered October 8 following an upgrade in the hospital’s security software. An 
investigation revealed that the intruder obtained emails from a provider’s account 
between March 1 1 and October 8 without the provider’s or the hospital’s knowledge. 
According to the release, most of the emails did not contain patient information; 
however, five emails contained Social Security numbers and a few others contained 
medical and other patient information. Carolinas Healthcare has no evidence that the 
information has been misused at this time, but the health system is taking several 
measures to ensure the intrusion is contained and prevented in the future, according to 
the release. 

Source: http://www.beckershospitalreview.com/healthcare-information- 
technologv/carolinas-healthcare-svstem-discloses-data-breach-to-5600-patients.html 
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Government Facilities Sector 



23. December 11, Chicago Sun-Times - (Illinois) Teen shot on school bus in Englewood 
after CPS basketball game. A teen was shot while riding a school bus after a Chicago 
Public Schools basketball game in the South Side Englewood neighborhood December 
10, police said. The bus, which was transporting a basketball team following the game, 
was near West 62nd Street and South Stewart Avenue when three or four gunman 
aimed at the vehicle and opened fire, said a police news affairs officer. A student was 
struck by a bullet in left leg and was the only shooting victim, police said. Police said 
the bus driver drove the teen to Provident Hospital where he was listed in good 
condition. 

Source: http://www.suntimes.com/news/16945184-418/teen-shot-on-school-bus-in- 
englewood-after-cps-basketball-game.html 

24. December 10, Seattle Post-Intelligencer - (Washington) Figures in Seattle schools 
scandal face 33 new charges. Prosecutors added 33 charges against the central figures 
in a financial scandal in Seattle Public Schools, the Seattle Post -Intelligencer reported 
December 10. Two men now face 42 charges of either first- or second-degree theft. 
King County prosecutors originally charged the two men and a woman with stealing 
$250,000 from the Seattle schools program meant to encourage small firms to bid on 
district projects. State auditors examining the small-business development program 
found that $1.5 million in expenditures were questionable and that $280,000 was paid 
for work that was not done or did not benefit Seattle Public Schools. This fall auditors 
said in a new report that they may have turned up $1 .3 million more that may have 
been spent incorrectly. 

Source: http://www.seattlepi.com/mount-rainier/article/Figures-in-Seattle-schools- 
scandal-face-3 3 -new-4 10587 6 .php 
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Emergency Services Sector 

25. December 11, Imperial Valley Press - (California) More than 115 inmates involved 
in Calipatria State Prison riot. Nine inmates were taken to area hospitals with 
moderate to serious injuries after a riot involving more than 115 inmates erupted at 
Calipatria State Prison in California, December 8, prison officials reported. Inmate 
movement was being limited December 10 as prison officials continued to investigate 
the exact cause of the riot, according to the Calipatria State Prison public information 
officer. Response teams from other areas of the prison converged on the scene of the 
riot, which took place in Facility A’s general population Level IV yard, a maximum 
security area, quelling the violence, and subduing the inmates after about seven 
minutes, the officer said. The riot started after an inmate wielding a stabbing-type 
weapon approached a group of five inmates in the yard and began stabbing the five 
men, according to preliminary reports. The five men were able to subdue their attacker 
and began to batter him as additional inmates approached the crime scene. At that time, 
a semi-automatic round was fired as a warning shot, according to the prison. 
Responding correctional officers used pepper spray and foam-tipped rubber rounds to 
control the violence as more staff arrived to assist. 

Source: http://www.ivpressonline.com/news/ivp-more-than-l 15-inmates-involved-in- 
calipatria-state-prison-riot-20 121211 ,0,6724 1 60. story 

26. December 11, Associated Press - (Georgia) Ga. inmate accused of using stolen ID to 
flee jail. Authorities in Savannah, Georgia, have re-captured an inmate four days after 
they said he escaped from jail by fooling guards into thinking he was another prisoner 
due to be released. The U.S. Marshals Service and Chatham County sheriff said the 
inmate was captured December 10 after he was spotted in downtown Savannah. 
Authorities followed him into neighboring South Carolina, where he was arrested and 
jailed in Jasper County. Sheriffs officials said the inmate December 6 scammed his 
way through normal discharge procedures at the county jail by using an identification 
bracelet taken from a fellow inmate. He was being held on charges of drug possession 
and theft by receiving stolen property. He now faces additional charges of escape and 
making false statements to police. 

Source: http://www.wtvm.com/storv/20312229/ga-inmate-accused-of-using-stolen-id- 
to-fiee-jail 
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Information Technology Sector 

27. December 11, Wired.com - (International) Google accidentally transmits self- 

destruct code to army of Chrome browsers. Google’ s Gmail service went down for 
about 20 minutes December 10, which coincided with widespread reports that Google’s 
Chrome browser was also crashing. A Google engineer later confirmed the crashes 
were affecting Chrome users who were using another Google Web service known as 
Sync, and that Sync and other Google services were disrupted when Google 
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misconfigured its load-balancing servers. The engineer wrote that a problem with 
Google’s Sync servers kicked off an error on the browser, which made Chrome 
abruptly shut down on the desktop. ”It’s due to a backend service that sync servers 
depend on becoming overwhelmed, and sync servers responding to that by telling all 
clients to throttle all data types,” he said. That “throttling” messed up things in the 
browser, causing it to crash. 

Source: http : //w ww . wired .com/wiredenterprise/20 12/1 2/goo gle-bu g/ 

28. December 11, Softpedia - (International) Stored XSS that allowed hackers to hijack 
Tumblr blogs still unfixed. The stored cross-site scripting (XSS) vulnerability that 
allowed hackers to hijack Tumblr blogs remains unfixed, according to a security 
researcher. He explains that this vulnerability could be utilized for numerous 
cybercriminal operations. The stored XSS could be used for phishing, malware attacks, 
and even to spam users. The researcher also reveals some interesting facts about this 
particular stored XSS security hole. For instance, victims of attacks that exploit this 
vulnerability do not have to be logged in to Tumblr. Also, the bug could be used to 
spread a malicious payload because when an entry is reblogged, the payload is also 
included in the new post. Furthermore, arbitrary JavaScript can be executed in the 
victim’ s browser from a remote location. 

Source: http://news.softpedia.com/news/Stored-XSS-That-Allowed-Hackers-to-Deface- 
Tumblr-Blogs-Still-Unfixed-313829.shtml 

29. December 11, V3.co.uk - (International) Researchers warn of malware attack from 
WordPress exploit. Security experts are warning webmasters over a series of attacks 
targeting the WordPress and Joomla publishing platforms. The Sans Institute said that it 
has received reports of multiple exploit attempts on the platforms. The compromised 
sites are then injected with code which redirects to a third-party site. A Sans blogger 
and president of security firm Bambenek Consulting said that the attacks were 
particularly interesting for their method of attempting to exploit pages en masse by 
targeting servers. “The interesting thing to note is that it doesn’t seem to be a scanner 
exploiting one vulnerability but some tool that’s basically firing a bunch of Joomla and 
Wordpress exploits at a given server and hoping something hits,” he explained. Sans 
said that the compromised sites are used to redirect users to an attack site which tries to 
infect users with a phony antivirus package. 

Source: http://www.v3.co.uk/v3-uk/news/2230978/researchers-warn-of-malware- 
attack-from-wordpress-exploit 

30. December 11, Threatpost - (International) Kelihos update includes new TLD and 
USB infection capabilities. The Kelihos botnet is now relying on double fast-flux 
domains to spread spam and malware. According to an analysis from a researcher at 
abuse.ch, Kelihos has also switched top-level domains, moving to .ru from .eu. More 
insidious, however, is that it now has the ability to spread via removable drives such as 
USB storage devices. Once this latest update of Kelihos infects a computer, it connects 
with a .ru domain hosting its command and control looking for updates. The .ru domain 
is double fast-flux hosted, the researcher said. Once an updated version of Kelihos is 
sent to the infected machine, it will infect any removable drives attached to the 
computer by exploiting the same vulnerability as Stuxnet. The switch to .ru domains 
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happened during the summer, according to the report, and the attackers have a lengthy 
list of sites from which to send new binaries updating the botnet, all of which are 
registered to REGGI-RU, a registrar in Russia. The botnet operators, however, are 
using a registrar in the Bahamas to register the name server domains providing DNS 
resolution to the Russian domains hosting malware. Kelihos boasts up to 150,000 
spambots per day. 

Source: http://threatpost.com/en us/blogs/kelihos-update-includes-new-tld-and-usb- 
infection-capabilities-121 1 12 

31. December 11, CNET News - (International) Nokia engineer: Here’s how to hack 
Windows 8 games. A Nokia engineer posted an explanation on how the “use of innate 
Windows 8 security attack vectors” can allow a person with admittedly advanced 
knowledge to “compromise Windows 8 games revenue stream.” The hack, which can 
be completed in five multipart steps, does not necessarily highlight a security flaw that 
would leave users vulnerable. Instead, the hack shows the way in which hackers can get 
a paid game for free because of inherent flaws in the way in which apps are stored and 
handled by Windows 8. 

Source: http://news.cnet.eom/8301-10805 3-57558423-75/nokia-engineer-heres-how- 
to-hack-windows-8-games/?part=rss&subj=news&tag=2547-l 3-0-20 

32. December 10, Bloomberg News - (International) Facehook restored after site 
maintenance disrupted some access. Facebook said it fixed an outage that left some 
users unable to access its social network while the company made a change to the site’s 
infrastructure December 10. ”We made a change to our DNS infrastructure, and that 
change resulted in some people being temporarily unable to reach the site,” a Facebook 
spokeswoman said in an emailed statement. “We detected and resolved the issue 
quickly, and we are now back to 100 percent.” 

Source: http://www.businessweek.eom/news/2012-12-10/facebook-restored-after-site- 
maintenance-disrupted-some-access 

33. December 10, The H - (International) Only 15% of known malware caught by 
Android 4.2’s verifier. A researcher at North Carolina State University found that only 
15 percent of known malware samples tested on Android 4.2’s new app verification 
service were detected. The researcher loaded 1260 malware samples from the Android 
Malware Genome Project onto 10 Android 4.2 devices. Of the 1260 samples only 193 
were detected as malware. The researcher also performed a test comparing Google’ s 
verification against a range of ten different existing anti-virus applications through 
VirusTotal, looking at randomly selected malware samples from each malware family. 
The anti-virus applications run by VirusTotal ranged in efficacy from 100 percent to 51 
percent, but the Android App verification system scored only 20.4 percent. The 
researcher noted that the app verification service uses a fragile mechanism of verifying 
SHAl values from the app and package name to determine whether a package is 
dangerous or potentially dangerous. He also notes that the verification system relies on 
the server component, leaving the client-side of the system completely without 
detection capabilities. 

Source: http://www.h-online.com/securitv/news/item/Onlv-15-of-known-malware- 
cau ght-by- Android-4 -2 -s- verifier- 1765724 .html 
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Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.Eov or 
visit their Web site: http://www.us-cert.gov 

Infoitnation on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: https://www.it-isac.org 
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Communications Sector 



Nothing to report 
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Commercial Facilities Sector 



34. December 11, KXAS 5 Dallas- Fort Worth - (Texas) Two fires, one apartment 
complex, hours apart. A Dallas apartment fire that initially started December 10, 
reignited December 1 1 . The fire first tore through Las Cascadas Apartments December 
10. Firefighters battled the four-alarm blaze for 90 minutes before getting it under 
control. Firefighters were back at the complex just a few hours later to battle the second 
fire after crews said embers from the first fire flared up. Crews were still investigating 
what caused the initial blaze that left 15 families without homes. A dozen units were 
destroyed. The Red Cross is helping those residents by providing clothing, food, and 
shelter. The Red Cross said the Las Cascadas fire was the fifth fire they assisted with in 
north Texas in just 7 hours. 

Source: http://www.nbcdfw.com/news/local/Crews-Extinguish-Apartment-Fire- 
Reignites-Hours-Later-1 8296362 1 .html 

35. December 11, Daytona Beach News- Journal - (Florida) Storm victims start cleanup; 
64 homes damaged, 13 extensively. Residents of the Terra Mar Village subdivision in 
Volusia County, Florida, came out December 1 1 to survey the damage left by the 
previous night’s “significant wind event.” According to the Volusia County Sheriff’s 
Office, 64 trailers were damaged, 5 1 of which were moderately hit. There appeared to 
be extensive damage to 13 trailers. The village also had moderate roof damage. Power 
was restored to 70 percent of the park December 1 1 . There were also reports of 
numerous trees down and two homes damaged at the nearby Jones Fish Camp. 

Source: http://www.news- 

ioumalonline. com/article/20 121211 /NEWS/ 1 2 1 2 1 9975 ?p= 1 &tc=pg 

36. December 11, Contra Coasta Times - (California) Hayward: Mother and son escape 
arson fire ignited by Molotov cocktail. A fast-moving arson fire ignited by a Molotov 
cocktail heavily damaged a three-bedroom apartment in Hayward, California, 

December 11, officials said. The victims escaped the three -bedroom apartment without 
injury. Eirefighters broke holes in the roof to ventilate the blaze, allowing others to 
begin battling the fire from the ground, a fire captain said. The blaze did about 
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$150,000 to $200,000 in damage to the apartment and destroyed about $20,000 in 
contents. The Red Cross was called into help the residents; however occupants will be 
able to return to their home, he said. Investigators determined that the fire was arson, 
started by a Molotov cocktail thrown into the living room, according to a Hayward Fire 
spokesman. 

Source: http://www.contracostatimes.com/news/ci 22167755/hayward-mother-and- 
son-escape-fast-moving-suspicious 

37. December 10, Associated Press - (Kansas) Pool heater to blame for carbon 
monoxide incident at Greensburg hotel. A Greensburg, Kansas hotel reopened after 
carbon monoxide exposure sent more than 30 people to a hospital where they were 
treated and released. The December 9 incident caused a brief evacuation of the Best 
Western Inn & Suites. The Kiowa County sheriff said December 10 that several 
children had got out of the hotel swimming pool with dilated eyes and difficulty 
breathing. He said the children had been exposed to high levels of carbon monoxide 
believed to result from a water heater failing to vent properly. Guests were allowed 
back into their rooms December 9, but the pool area remained closed until the problem 
was fixed. 

Source: http://cjonline.com/news/2Q 12-12-1 0/pool-heater-blame-carbon-monoxide- 
incident-greensburg-hotel 

38. December 10, WPVI 6 Philadelphia - (Pennsylvania) Fire tears through Mummers 
band’s warehouse. The fire marshal begun his investigation into a multi-alarm fire in 
Philadelphia, WPVI 6 Philadelphia reported December 10. Emergency crews were 
called to the three-story building, and homes near the massive fire were evacuated; one 
was destroyed and the elderly homeowner was taken to a local hospital as a precaution. 
Inside the 10,000 square foot warehouse was an auto repair shop and a workshop for 
the Fralinger String Band. The fire commissioner said more than 100 firefighters were 
fighting the fire. Firefighters reported seeing cars from the auto repair shop on fire 
when they reached the warehouse. “It became untenable and too dangerous to our 
firefighters and we went to an exterior attack and we did as much as we could,” he said. 
Source: http://abclocal.go.com/wpvi/storv?section=news/local&id=8915107 

For another story, see item 8 
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National Monuments and Icons Sector 



Nothing to report 
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Dams Sector 



39. December 11, Dredging Today - (California) USA: Marysville ring levee project 
moves forward. After 2 years of construction, phase one of the Marysville Ring Fevee 
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Project in California drew to a close with 4,600 linear feet of deep-soil-mixed cutoff 
wall installed - the first milestone in a four -phase project to reduce Marysville’s flood 
risk, Dredging Today reported December 11. “All major structural improvements for 
this stretch of levee are complete,” said the U.S. Army Corps of Engineers Sacramento 
District project manager. The ring levee project is a partnership between the 
Sacramento District, the Central Valley Flood Protection Board, and the Marysville 
Levee District. The deep-soil-mixed cutoff walls, the primary focus of the project, were 
made of a controlled mixture of native soil, cement, and bentonite clay and created a 
vertical barrier to seepage in existing earthen levees. Ground was broken on the $10.8 
million first phase in September 2010 after Raito Inc. of San Leandro was awarded the 
contract. Funding was provided through the American Recovery and Reinvestment Act 
of 2009. The State of California appropriated $17 million toward the project as part of 
their commitment to upgrade the State’s levee systems. Upon completion, Marysville’s 
levee system will meet the State-mandated 1 -in-200 annual chance of flooding for 
urban areas, making it one of the lowest at-risk cities in California’s Central Valley. 

The four-phase, $100-million Marysville project is slated to be completed in 2016 and 
will reduce flood risk for the town of 12,000 residents on the Yuba and Feather rivers. 
Source: http://www.dredgingtodav.com/2012/12/ll/usa-marvsville-ring-levee-project- 
moves -forward/ 



40. December 10, North Vernon Plain Dealer Sun - (Indiana) Officials hail $1.6M dam 
project. Work neared completion on a $1.6 million project to reinforce the earthen dam 
on Country Squire Lake in Indiana, the main lake at Country Squire Lakes (CSL), the 
North Vernon Plains Daily Sun reported December 10. The 750-foot long, 35-foot tall 
dam was on the State’s warning list for years because of structural deficiencies that 
experts said could result in a failure, resulting in a flood of water down Six Mile Creek. 
The threat was not imminent, according to Indiana Department of Natural Resources 
(DNR), but DNR said it would soon get that way without repairs. CSL officials have 
purposely kept the water level low to keep pressure off the dam and thus reduce the 
danger of the dam’s failure. Last August, W.B. Koester Construction of Bloomington 
began the work of reinforcing the dam and rebuilding its spillway. The work will be 
finished well before the June 30, 2013, deadline as set in the Indiana Office of 
Community and Rural Affairs grant, which is funding most of the project. The 
Community Association, the quasi-governmental body that governs the private 
community, provided the $50,000 match required for the grant. Thirteen years ago, 
high water washed over the dam, causing severe erosion. Four years ago, a series of 
leaks developed in the lake’ s limestone bottom near the dam. 

Source: http://www.plaindealer- 

sun.com/main.asp?SectionID=3&SubSectionID=40&ArticleID=23509 

41. December 10, Gloucester Times - (Massachusetts) Rockport’s Millbrook Dam 
nearing completion. After six months of restoration work, the historic Millbrook 
Meadow Dam in Massachusetts was set to be complete by the end of the month, the 
Gloucester Times reported December 10. The repairs to the dam were long overdue, 
after it was severely damaged by the heavy rain during a storm over Mother’ s Day 
weekend in 2006. The project came in slightly over budget at $1 .1 million; the initial 
appraisal came in at $1 million. However, the public works director said everything has 
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gone according to plan. Restoration work began in August, with the Federal Emergency 
Management Agency picking up 75 percent of the project tab and Rockport taxpayers 
taking out a loan for the remaining 25 percent. 

Source: http://www.gloucestertimes.com/local/xl839365506/Rockports-Millbrook- 
Dam-nearin g -completion 
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